CentOS 6 系统优化 Shell 脚本


CentOS 已经发布了6.2版了,现在已经可以用在生产环境了,新版本的内核也能更好的利用硬件。写了一个脚本,用来初始化系统环境,现在分享出来,你可以根据自己的需要,对脚本进行相应的修改。
脚本的内容如下:
1.    #!/bin/bash
2.    #author suzezhi
3.    #this script is only for CentOS 6
4.    #check the OS
5.   
6.    platform=`uname -i`
7.    if [ $platform != "x86_64" ];then
8.    echo "this script is only for 64bit Operating System !"
9.    exit 1
10.   fi
11.   echo "the platform is ok"
12.   version=`lsb_release -r |awk '{print substr($2,1,1)}'`
13.   if [ $version != 6 ];then
14.   echo "this script is only for CentOS 6 !"
15.   exit 1
16.   fi
17.   cat << EOF
18.   +---------------------------------------+
19.   |   your system is CentOS 6 x86_64      |
20.   |      start optimizing.......          |
21.   +---------------------------------------
22.   EOF
23.  
24.   #make the 163.com as the default yum repo
25.   mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
26.   wget http://mirrors.163.com/.help/CentOS6-Base-163.repo -O /etc/yum.repos.d/CentOS-Base.repo
27.  
28.   #add the third-party repo
29.   #add the epel
30.   rpm -Uvh http://download.Fedora.RedHat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
31.   rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
32.  
33.   #add the rpmforge
34.   rpm -Uvh http://packages.sw.be/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
35.   rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-rpmforge-dag
36.  
37.   #update the system and set the ntp
38.   yum clean all
39.   yum -y update glibc\*
40.   yum -y update yum\* rpm\* python\*
41.   yum -y update
42.   yum -y install ntp
43.   echo "* 4 * * * /usr/sbin/ntpdate 210.72.145.44 > /dev/null 2>&1" >> /var/spool/cron/root
44.   service crond restart
45.  
46.   #set the file limit
47.   echo "ulimit -SHn 102400" >> /etc/rc.local
48.   cat >> /etc/security/limits.conf << EOF
49.   *           soft   nofile       65535
50.   *           hard   nofile       65535
51.   EOF
52.  
53.   #set the control-alt-delete to guard against the miSUSE
54.   sed -i 's#exec /sbin/shutdown -r now#\#exec /sbin/shutdown -r now#' /etc/init/control-alt-delete.conf
55.  
56.   #disable selinux
57.   sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config
58.  
59.   #set ssh
60.   sed -i 's/^GSSAPIAuthentication yes$/GSSAPIAuthentication no/' /etc/ssh/sshd_config
61.   sed -i 's/#UseDNS yes/UseDNS no/' /etc/ssh/sshd_config
62.   service sshd restart
63.  
64.   #tune kernel parametres
65.   cat >> /etc/sysctl.conf << EOF
66.   net.ipv4.tcp_fin_timeout = 1
67.   net.ipv4.tcp_keepalive_time = 1200
68.   net.ipv4.tcp_mem = 94500000 915000000 927000000
69.   net.ipv4.tcp_tw_reuse = 1
70.   net.ipv4.tcp_timestamps = 0
71.   net.ipv4.tcp_synack_retries = 1
72.   net.ipv4.tcp_syn_retries = 1
73.   net.ipv4.tcp_tw_recycle = 1
74.   net.core.rmem_max = 16777216
75.   net.core.wmem_max = 16777216
76.   net.core.netdev_max_backlog = 262144
77.   net.core.somaxconn = 262144
78.   net.ipv4.tcp_max_orphans = 3276800
79.   net.ipv4.tcp_max_syn_backlog = 262144
80.   net.core.wmem_default = 8388608
81.   net.core.rmem_default = 8388608
82.   EOF
83.   /sbin/sysctl -p
84.  
85.   #define the backspace button can erase the last character typed
86.   echo 'stty erase ^H' >> /etc/profile
87.   echo "syntax on" >> /root/.vimrc
88.  
89.   #stop some crontab
90.   mkdir /etc/cron.daily.bak
91.   mv /etc/cron.daily/makewhatis.cron /etc/cron.daily.bak
92.   mv /etc/cron.daily/mlocate.cron /etc/cron.daily.bak
93.   chkconfig bluetooth off
94.   chkconfig cups off
95.   chkconfig ip6tables off
96.   #disable the ipv6
97.   cat > /etc/modprobe.d/ipv6.conf << EOFI
98.   alias net-pf-10 off
99.   options ipv6 disable=1
100.EOFI
101.echo "NETWORKING_IPV6=off" >> /etc/sysconfig/network
102.cat << EOF
103.+-------------------------------------------------+
104.|               optimizer is done                 |
105.|   it's recommond to restart this server !       |
106.+-------------------------------------------------+
107.EOF
对脚本的内容做一下说明:
1.    先对系统进行判断,如果是Cent OS 64位,就继续运行。
2.    先将系统的安装源设置为网易的(网易的安装源算是国内比较稳定的)
3.    安装epel的源和rpmforge的源,利用第三方的源来让yum安装起来更方便
4.    更新软件
5.    设置为每天凌晨四点进行时间同步(跟国家授时中心的服务器进行时间同步)
6.    将系统同时打开的文件个数增大
7.    将ctrl ALT delete键进行屏蔽,防止误操作的时候服务器重启
8.    关闭SELinux
9.    禁用GSSAPI来认证,也禁用DNS反向解析,加快SSH登陆速度
10.   优化一些内核参数
11.   调整删除字符的按键为backspace(某些系统默认是delete)
12.   打开vim的语法高亮
13.   取消生成whatis数据库和locate数据库
14.   关闭没用的服务
15.   关闭IPv6
http://www.linuxde.net/2011/12/5756.html
 

相关内容

    暂无相关文章